Cybercriminals Leak Millions of Records in “Free Leakmas” Campaign During the Holiday Season

The holiday season is usually a time of joy and celebration, but for cybercriminals, it presented an opportunity to carry out their nefarious activities. In the days leading up to Christmas, a staggering 50 million records containing sensitive personal information were leaked by these threat actors. These leaks, primarily found on the Dark Web, were labeled “Free Leaksmas,” indicating that the criminals were sharing their data as a gesture of mutual gratitude among their ilk.

“Free Leaksmas” campaign on the Dark Web

The Dark Web served as the platform for cybercriminals to exchange and share compromised data during the holiday season. The “Free Leaksmas” campaign demonstrated a peculiar form of camaraderie among these threat actors. It is believed that by sharing their stolen data, they were expressing gratitude towards one another and establishing an environment of trust within their criminal network. As part of the campaign, underground shops offering compromised accounts on online banking and ecommerce platforms even provided substantial discounts, with markdowns reaching up to 40%.

Data dumps from various breaches

Several major data breaches contributed to the “Free Leaksmas” campaign, resulting in significant record leaks. One of the most prominent dumps came from a breach at Peruvian telecom provider Movistar, where a staggering 22 million records containing customer phone numbers and identification numbers were compromised. This breach is concerning as it exposes a vast amount of personal information that could potentially be exploited for various malicious purposes.

In addition to the Movistar breach, other notable Leaksmas datasets emerged from breaches at a Vietnamese fashion retailer and a French company. Both of these breaches yielded millions of records, further fueling concerns about the extent of personal data available to cybercriminals.

Revisiting older incidents

Interestingly, some of the leaked data appeared to originate from older incidents that had resurfaced. One such incident was the rumored breach of the Swedish fintech company Klarna in 2022. It is clear that cybercriminals are not only focused on recent breaches but also revisiting past incidents to exploit any remaining vulnerabilities and retrieve valuable data.

Notable threat actors involved

Several known threat actor groups have been identified as participating in the “Free Leaksmas” campaign. One such group is SeigedSec, a pro-Iranian entity that has previously targeted critical infrastructure and industrial control systems environments in Israel. Their involvement in sharing compromised data during the holiday break raises concerns over potential future attacks on critical systems.

Another group involved in the Leaksmas campaign is the hacktivist alliance known as the “Five Families.” This group claimed responsibility for stealing records from a large Chinese clothing store due to its alleged abusive labor practices and government connections. The motivations behind their actions highlight the intersection between cybercrime and activism.

Discounts and Focus on Stolen Credit Card Data

As digital identity remains a primary focus for cybercriminals, those selling stolen credit card data and related services offer attractive discounts to entice new buyers. Cybercriminals recognize the lucrative nature of stolen credit card information and the potential for financial gain. By offering discounts, they seek to expand their customer base and increase the demand for stolen data.

The “Free Leaksmas” campaign conducted by cybercriminals during the holiday season resulted in a massive influx of leaked personal data. The collaboration and data sharing observed among these threat actors signifies the existence of a robust criminal network. With notable threat actors and the abundance of compromised accounts and credit card information, the importance of data security cannot be stressed enough. As we move forward, it is crucial for individuals and organizations to remain vigilant and implement robust cybersecurity measures to protect against such breaches and safeguard sensitive information.

Explore more

D365 Supply Chain Tackles Key Operational Challenges

Imagine a mid-sized manufacturer struggling to keep up with fluctuating demand, facing constant stockouts, and losing customer trust due to delayed deliveries, a scenario all too common in today’s volatile supply chain environment. Rising costs, fragmented data, and unexpected disruptions threaten operational stability, making it essential for businesses, especially small and medium-sized enterprises (SMBs) and manufacturers, to find ways to

Cloud ERP vs. On-Premise ERP: A Comparative Analysis

Imagine a business at a critical juncture, where every decision about technology could make or break its ability to compete in a fast-paced market, and for many organizations, selecting the right Enterprise Resource Planning (ERP) system becomes that pivotal choice—a decision that impacts efficiency, scalability, and profitability. This comparison delves into two primary deployment models for ERP systems: Cloud ERP

Selecting the Best Shipping Solution for D365SCM Users

Imagine a bustling warehouse where every minute counts, and a single shipping delay ripples through the entire supply chain, frustrating customers and costing thousands in lost revenue. For businesses using Microsoft Dynamics 365 Supply Chain Management (D365SCM), this scenario is all too real when the wrong shipping solution disrupts operations. Choosing the right tool to integrate with this powerful platform

How Is AI Reshaping the Future of Content Marketing?

Dive into the future of content marketing with Aisha Amaira, a MarTech expert whose passion for blending technology with marketing has made her a go-to voice in the industry. With deep expertise in CRM marketing technology and customer data platforms, Aisha has a unique perspective on how businesses can harness innovation to uncover critical customer insights. In this interview, we

Why Are Older Job Seekers Facing Record Ageism Complaints?

In an era where workforce diversity is often championed as a cornerstone of innovation, a troubling trend has emerged that threatens to undermine these ideals, particularly for those over 50 seeking employment. Recent data reveals a staggering surge in complaints about ageism, painting a stark picture of systemic bias in hiring practices across the U.S. This issue not only affects